<?
include_once "db.php";
include_once "users.php";

class Session
{
	function Session() {
		global $db;
		global $configuration;
		$path = $configuration->get("cookie_path");
		$domain = $configuration->get("cookie_domain");
		$this->service = $configuration->get("service");
		$this->loged_in = false;
		$this->groups = array();
		$this->user = -1;
		if (isset($_GET["SessionHashCookie"])) {
		   $this->hash = addslashes($_GET["SessionHashCookie"]);
		   $data = $db->queryToArray("SELECT * FROM", "sessions", "WHERE hash = '".$this->hash."'");	
		   if (is_array($data)) {
			   $this->user = $data[0]["user"]; 
			   $this->getUserData();
		   } else {
			   $this->saveHashToDB();
		   }
		} else if (isset($_POST["SessionHashCookie"])) {
		   $this->hash = addslashes($_POST["SessionHashCookie"]);
		   $data = $db->queryToArray("SELECT* FROM", "sessions", "WHERE hash = '".$this->hash."'");	
		   if (is_array($data)) {
			   $this->user = $data[0]["user"]; 
			   $this->getUserData();
		   } else {
			   $this->saveHashToDB();
		   }
		} else if (isset($_COOKIE[$this->service."SessionHashCookie"])) {
		   $this->hash = addslashes($_COOKIE[$this->service."SessionHashCookie"]);
		   $data = $db->queryToArray("SELECT * FROM", "sessions", "WHERE hash = '".$this->hash."'");	
		   if (is_array($data)) {
			   $this->user = $data[0]["user"]; 
			   $this->getUserData();
		   } else {
			   $this->saveHashToDB();
		   }
		} else {
		   $time    = time();
		   $ip      = $_SERVER["REMOTE_ADDR"];
		   $agent  = $_SERVER["HTTP_USER_AGENT"];
		   $this->hash = md5($time.$ip.$agent);
		   if ($domain == "") {
		   	setcookie($this->service."SessionHashCookie", $this->hash, time()+36000, $path);
		   } else {
		   	setcookie($this->service."SessionHashCookie", $this->hash, time()+36000, $path, $domain);
		   }
		   $this->saveHashToDB();
		}
		$this->cleanSessions();
	}
	function saveHashToDB() {
		global $db;
		$db->query("INSERT INTO", "sessions", "(hash, user, date) VALUES ('".$this->hash."', '".$this->user."', '".date("Y-m-d H:i:s")."')");
	}
	function updateDB() {
		global $db;
		$db->query("UPDATE ", "sessions", "SET date = '".date("Y-m-d H:i:s")."', user = '".$this->user."' WHERE hash = '".$this->hash."'");
	}
	function getUserData() {
		global $users;
		$data = $users->getUserData($this->user);
		if (is_array($data)) {
			$this->userName = $data[0]["name"];
			$this->loged_in = true;
		}
	}
	function logUserIn($name, $pwd) {
		global $users;
		$r = $users->logUserIn($name, $pwd);
		if (is_array($r)) {
				$this->userName = $r["userName"];
				$this->user = $r["user"];
				$this->loged_in = $r["loged_in"];
				$this->updateDB();
				return 1;
		} else {
			return 0;
		}
	}
	function logout() {
		$this->userName = "";
		$this->user = -1;
		$this->loged_in = false;
		$this->updateDB();
	}
	function getUserName() {
		if ($this->loged_in) {
			return $this->userName;
		} else {
			return "";
		}
	}
	function getUserAttribute($name, $default_value = false) {
		global $users;
		if ($this->loged_in) {
			return $users->getUserAttribute($this->user, $name, $default_value);
		} else {
			return $default_value;
		}
	}
	function setUserAttribute($name, $value) {
		global $users;
		if ($this->loged_in) {
			$users->setUserAttribute($this->user, $name, $value);
		}
	}
	function getSessionValue($name, $default_value = false) {
		global $db;
		$data = $db->queryToArray("SELECT * FROM", "session_attributes", "WHERE ID = '".$this->hash."' AND name='".$this->service.$name."'");
		if (is_array($data)) {
			return $data[0]["value"];
		} else if ($this->loged_in) {
			$data = $db->queryToArray("SELECT * FROM", "user_attributes", "WHERE ID = '".$this->user."' AND name='".$this->service.$name."'");
			if (is_array($data)) {
				return $data[0]["value"];
			}
		}
	}
	function setSessionValue($name, $value) {
		global $db;
			$db->query("DELETE FROM", "session_attributes", "WHERE name='".$this->service.$name."' AND ID='".$this->hash."'");
			$db->query("INSERT INTO", "session_attributes", "(ID, name, value) VALUES ('".$this->hash."', '".$this->service.$name."', '".$value."')");
	}
	function cleanSessions() {
		global $db;
		$twoDaysAgo = date("Y-m-d", mktime(1,1,1,date(m),date(d)+2,date(y)));
		$data = $db->queryToArray("SELECT * FROM", "sessions", "WHERE ADDDATE(date, INTERVAL 2 DAY) < NOW()");
		if (is_array($data)) {
	  		foreach ($data as $rotten) {
	    		$db->query("DELETE FROM", "session_attributes", "WHERE ID='".$rotten["hash"]."'");
	    		$db->query("DELETE FROM", "sessions", "WHERE hash='".$rotten["hash"]."'");	
	  	}
	}
}
}

$session = new Session();

?>
